Details

Adding roles is pretty easy
Just add the following one line (line 7 to be specific)

// Configure aspnet identity with roles
builder.Services.AddIdentity<ApplicationUser, IdentityRole<Guid>>(options =>
{
   options.User.RequireUniqueEmail = true;
   options.Password.RequiredLength = 8;
})
   .AddRoles<IdentityRole<Guid>>()
   .AddEntityFrameworkStores<ApplicationDbContext>()
   .AddDefaultTokenProviders();

Then check for roles on controller or endpoint level by adding this

[Authorize(Roles = "Administrator")]

Easy.